U.S. and Canadian cybersecurity agencies say Chinese-linked actors deployed "Brickstorm" malware to infiltrate critical infrastructure and maintain long-term access for potential sabotage. Reuters reports: The Chinese-linked hacking operations are the latest example of Chinese hackers targeting critical infrastructure, infiltrating sensitive networks and "embedding themselves to enable long-term access, disruption, and potential sabotage," Madhu Gottumukkala, the acting director of the Cybersecurity and Infrastructure Security Agency, said in an advisory signed by CISA, the National Security Agency and the Canadian Centre for Cyber Security. According to the advisory, which was published alongside a more detailed malware analysis report (PDF), the state-backed hackers are using malware known as "Brickstorm" to target multiple government services and information technology entities. Once inside victim networks, the hackers can steal login credentials and other sensitive information and potentially take full control of targeted computers.

In one case, the attackers used Brickstorm to penetrate a company in April 2024 and maintained access through at least September 3, 2025, according to the advisory. CISA Executive Assistant Director for Cybersecurity Nick Andersen declined to share details about the total number of government organizations targeted or specifics around what the hackers did once they penetrated their targets during a call with reporters on Thursday. The advisory and malware analysis reports are based on eight Brickstorm samples obtained from targeted organizations, according to CISA. The hackers are deploying the malware against VMware vSphere, a product sold by Broadcom's VMware to create and manage virtual machines within networks. [...] In addition to traditional espionage, the hackers in those cases likely also used the operations to develop new, previously unknown vulnerabilities and establish pivot points to broader access to more victims, Google said at the time.

India is weighing a proposal to mandate always-on satellite tracking in smartphones for precise government surveillance -- an idea strongly opposed by Apple, Google, Samsung, and industry groups. Reuters reports: For years, the [Prime Minister Narendra Modi's] administration has been concerned its agencies do not get precise locations when legal requests are made to telecom firms during investigations. Under the current system, the firms are limited to using cellular tower data that can only provide an estimated area location, which can be off by several meters.

The Cellular Operators Association of India (COAI), which represents Reliance's Jio and Bharti Airtel, has proposed that precise user locations should only be provided if the government orders smartphone makers to activate A-GPS technology -- which uses satellite signals and cellular data -- according to a June internal federal IT ministry email. That would require location services to always be activated in smartphones with no option for users to disable them. Apple, Samsung, and Alphabet's Google have told New Delhi that should not be mandated, said three of the sources who have direct knowledge of the deliberations.

A measure to track device-level location has no precedent anywhere else in the world, lobbying group India Cellular & Electronics Association (ICEA), which represents both Apple and Google, wrote in a confidential July letter to the government, which was viewed by Reuters. "The A-GPS network service ... (is) not deployed or supported for location surveillance," said the letter, which added that the measure "would be a regulatory overreach." Earlier this week, Modi's government was forced to rescind an order requiring smartphone makers to preload a state-run cyber safety app on all devices after public backlash and privacy concerns.

Two Virginia brothers Muneeb and Sohaib Akhter, previously convicted of hacking the U.S. State Department, were rehired as federal contractors and are now charged with conspiring to steal sensitive data and destroy government databases after being fired. "Following the termination of their employment, the brothers allegedly sought to harm the company and its U.S. government customers by accessing computers without authorization, issuing commands to prevent others from modifying the databases before deletion, deleting databases, stealing information, and destroying evidence of their unlawful activities," the Justice Department said in a Wednesday press release. BleepingComputer reports: According to court documents, Muneeb Akhter deleted roughly 96 databases containing U.S. government information in February 2025, including Freedom of Information Act records and sensitive investigative documents from multiple federal agencies. One minute after deleting a Department of Homeland Security database, Muneeb Akhter also allegedly asked an artificial intelligence tool for instructions on clearing system logs after deleting a database.

The two defendants also allegedly ran commands to prevent others from modifying the targeted databases before deletion, and destroyed evidence of their activities. The prosecutors added that both men wiped company laptops before returning them to the contractor and discussed cleaning out their house in anticipation of a law enforcement search. The complaint also claims that Muneeb Akhter stole IRS information from a virtual machine, including federal tax data and identifying information for at least 450 individuals, and stole Equal Employment Opportunity Commission information after being fired by the government contractor.

Muneeb Akhter has been charged with conspiracy to commit computer fraud and destroy records, two counts of computer fraud, theft of U.S. government records, and two counts of aggravated identity theft. If found guilty, he faces a minimum of two years in prison for each aggravated identity theft count, with a maximum of 45 years on other charges. His brother, Sohaib, is charged with conspiracy to commit computer fraud and password trafficking, facing a maximum penalty of six years if convicted.

An anonymous reader quotes a report from Ars Technica: A Donald Trump-backed push has failed to wedge a federal measure that would block states from passing AI laws for a decade into the National Defense Authorization Act (NDAA). House Majority Leader Steve Scalise (R-La.) told reporters Tuesday that a sect of Republicans is now "looking at other places" to potentially pass the measure. Other Republicans opposed including the AI preemption in the defense bill, The Hill reported, joining critics who see value in allowing states to quickly regulate AI risks as they arise.

For months, Trump has pressured the Republican-led Congress to block state AI laws that the president claims could bog down innovation as AI firms waste time and resources complying with a patchwork of state laws. But Republicans have continually failed to unite behind Trump's command, first voting against including a similar measure in the "Big Beautiful" budget bill and then this week failing to negotiate a solution to pass the NDAA measure. [...]

"We MUST have one Federal Standard instead of a patchwork of 50 State Regulatory Regimes," Trump wrote on Truth Social last month. "If we don't, then China will easily catch us in the AI race. Put it in the NDAA, or pass a separate Bill, and nobody will ever be able to compete with America." If Congress bombs the assignment to find another way to pass the measure, Trump will likely release an executive order to enforce the policy. Republicans in Congress had dissuaded Trump from releasing a draft of that order, requesting time to find legislation where they believed an AI moratorium could pass. "The controversial proposal had faced backlash from a nationwide, bipartisan coalition of state lawmakers, parents, faith leaders, unions, whistleblowers, and other public advocates," the NDAA, a bipartisan group that lobbies for AI safety laws, said in a press release.

This "widespread and powerful" movement "clapped back" at Republicans' latest "rushed attempt to sneak preemption through Congress," Brad Carson, ARI's president, said, because "Americans want safeguards that protect kids, workers, and families, not a rules-free zone for Big Tech."

A federal judge has ordered OpenAI to hand over 20 million anonymized ChatGPT logs in its copyright battle with the New York Times and other outlets. Reuters reports: U.S. Magistrate Judge Ona Wang in a decision made public on Wednesday said that the 20 million logs were relevant to the outlets' claims and that handing them over would not risk violating users' privacy. The judge rejected OpenAI's privacy-related objections to an earlier order requiring the artificial intelligence startup to submit the records as evidence. "There are multiple layers of protection in this case precisely because of the highly sensitive and private nature of much of the discovery," Wang said.

An OpenAI spokesperson on Wednesday cited an earlier blog post from the company's Chief Information Security Officer Dane Stuckey, which said the Times' demand for the chat logs "disregards long-standing privacy protections" and "breaks with common-sense security practices." OpenAI has separately appealed Wang's order to the case's presiding judge, U.S. District Judge Sidney Stein.

A group of newspapers owned by Alden Global Capital's MediaNews Group is also involved in the lawsuit. MediaNews Group executive editor Frank Pine said in a statement on Wednesday that OpenAI's leadership was "hallucinating when they thought they could get away with withholding evidence about how their business model relies on stealing from hardworking journalists."

An anonymous reader quotes a report from Politico: Five months after releasing a plan to accelerate the development of artificial intelligence, the Trump administration is turning to robots. Commerce Secretary Howard Lutnick has been meeting with robotics industry CEOs and is "all in" on accelerating the industry's development, according to three people familiar with the discussions who were granted anonymity to share details. The administration is considering issuing an executive order on robotics next year, according to two of the people. A Department of Commerce spokesperson said: "We are committed to robotics and advanced manufacturing because they are central to bringing critical production back to the United States."

The Department of Transportation is also preparing to announce a robotics working group, possibly before the end of the year, according to one person familiar with the planning. A spokesperson for the department did not respond to a request for comment. There's growing interest on Capitol Hill as well. A Republican amendment to the National Defense Authorization Act would have created a national robotics commission. The amendment was not included in the bill. Other legislative efforts are underway. The flurry of activity suggests robotics is emerging as the next major front in America's race against China. "There is now recognition that advanced robotics is crucial to the U.S. in terms of manufacturing, technology, national security, defense applications, public safety," said Brendan Schulman, VP of policy and government relations for Boston Dynamics. "The investment that we're seeing in the sector and the efforts in China to dominate the future of robotics are being noticed."

India has withdrawn its order requiring Apple and other smartphone makers to preinstall the government's Sanchar Saathi app after public backlash and privacy concerns. AppleInsider reports: On November 28, the India Ministry of Communication issued a secret directive to Apple and other smartphone manufacturers, requiring the preinstallation of a government-backed app. Less than a week later, the order has been rescinded. The withdrawal on Wednesday means Apple doesn't have to preload the Sanchar Saathi app onto iPhones sold in the country, in a way that couldn't be "disabled or restricted." [...]

In pulling back from the demand, the government insisted that the app had an "increasing acceptance" among citizens. There was a tenfold spike of new user registrations on Tuesday alone, with over 600,000 new users made aware of the app from the public debacle. India Minister of Communications Jyotiraditya Scindia took a moment to insist that concerns the app could be used for increased surveillance were unfounded. "Snooping is neither possible nor will it happen" with the app, Scindia claimed.

"This is a welcome development, but we are still awaiting the full text of the legal order that should accompany this announcement, including any revised directions under the Cyber Security Rules, 2024," said the Internet Freedom Foundation. It is treating the news with "cautious optimism, not closure," until formalities conclude. However, while promising, the backdown doesn't stop India from retrying something similar or another tactic in the future.

An anonymous reader quotes a report from the New York Times: The San Francisco city attorney filed on Tuesday the nation's first government lawsuit against food manufacturers over ultraprocessed fare (source may be paywalled; alternative source), arguing that cities and counties have been burdened with the costs of treating diseases that stem from the companies' products. David Chiu, the city attorney, sued 10 corporations that make some of the country's most popular food and drinks. Ultraprocessed products now comprise 70 percent of the American food supply and fill grocery store shelves with a kaleidoscope of colorful packages. Think Slim Jim meat sticks and Cool Ranch Doritos. But also aisles of breads, sauces and granola bars marketed as natural or healthy.

It is a rare issue on which the liberal leaders in San Francisco City Hall are fully aligned with the Trump administration, which has targeted ultraprocessed foods as part of its Make America Healthy Again mantra. Mr. Chiu's lawsuit, which was filed in San Francisco Superior Court on behalf of the State of California, seeks unspecified damages for the costs that local governments bear for treating residents whose health has been harmed by ultraprocessed food. The city accuses the companies of "unfair and deceptive acts" in how they market and sell their foods, arguing that such practices violate the state's Unfair Competition Law and public nuisance statute. The city also argues the companies knew that their food made people sick but sold it anyway.

Apple does not plan to comply with India's mandate to preload its smartphones with a state-owned cyber safety app that cannot be disabled. According to Reuters, the order "sparked surveillance concerns and a political uproar" after it was revealed on Monday. From the report: In the wake of the criticism, India's telecom minister Jyotiraditya M. Scindia on Tuesday said the app was a "voluntary and democratic system," adding that users can choose to activate it and can "easily delete it from their phone at any time." At present, the app can be deleted by users. Scindia did not comment on or clarify the November 28 confidential directive that ordered smartphone makers to start preloading it and ensure "its functionalities are not disabled or restricted."

Apple however does not plan to comply with the directive and will tell the government it does not follow such mandates anywhere in the world as they raise a host of privacy and security issues for the company's iOS ecosystem, said two of the industry sources who are familiar with Apple's concerns. They declined to be named publicly as the company's strategy is private. "Its not only like taking a sledgehammer, this is like a double-barrel gun," said the first source.

The UK government plans to ban political donations made in cryptocurrency over fears of anonymity, foreign influence, and traceability issues, though the ban won't be ready in time for the upcoming elections bill. The Guardian reports: The government's ambition to ban crypto donations will be a blow to Nigel Farage's Reform UK party, which became the first to accept contributions in digital currency this year. It is believed to have received its first registrable donations in cryptocurrency this autumn and the party has set up its own crypto portal to receive contributions, saying it is subject to "enhanced" checks. Government sources have said ministers believe cryptocurrency donations to be a problem, as they are difficult to trace and could be exploited by foreign powers or criminals.

Pat McFadden, then a Cabinet Office minister, first raised the idea in July, saying: "I definitely think it is something that the Electoral Commission should be considering. I think that it's very important that we know who is providing the donation, are they properly registered, what are the bona fides of that donation." The Electoral Commission provides guidance on crypto donations but ministers accept any ban would probably have to come from the government through legislation. "Crypto donations present real risks to our democracy," said Susan Hawley, the executive director of Spotlight on Corruption. "We know that bad actors like Russia use crypto to undermine and interfere in democracies globally, while the difficulties involved in tracing the true source of transactions means that British voters may not know everyone who's funding the parties they vote for."

An anonymous reader quotes a report from the Wall Street Journal: The Trump administration has agreed to inject up to $150 million into a startup (source paywalled; alternative source) trying to develop more advanced semiconductor manufacturing techniques in the U.S., its latest bid to support strategically important domestic industries with government incentives. Under the arrangement, the Commerce Department would give the incentives to xLight, a startup trying to improve the critical chip-making process known as extreme ultraviolet lithography, the agency said in a Monday release. In return, the government would get an equity stake that would likely make it xLight's largest shareholder.

The Dutch firm ASML is currently the only global producer of EUV machines, which can cost hundreds of millions of dollars each. XLight is seeking to improve on just one component of the EUV process: the crucially important lasers that etch complex microscopic patterns onto chemical-treated silicon wafers. The startup is hoping to integrate its light sources into ASML's machines. XLight represents a second act for Pat Gelsinger, the former chief executive of Intel who was fired by the board late last year after the chip maker suffered from weak financial performance and a stalled manufacturing expansion. Gelsinger serves as executive chairman of xLight's board.

[...] The xLight deal uses funding from the 2022 Chips and Science Act allocated for earlier stage companies with promising technologies. It is the first Chips Act award in President Trump's second term and is a preliminary agreement, meaning it isn't finalized and could change. "This partnership would back a technology that can fundamentally rewrite the limits of chipmaking," Commerce Secretary Howard Lutnick said in the release.

The British government said it opposes attempts to cool the planet by spraying millions of tons of dust into the atmosphere -- but did not close the door to a debate on regulating the technology. From a report: The comments in parliament Thursday came after a POLITICO investigation revealed an Israeli-U.S. company Stardust Solutions aimed to be capable of deploying solar radiation modification, as the technology is called, inside this decade. "We're not in favor of solar radiation modification given the uncertainty around the potential risks it poses to the climate and environment," Leader of the House of Commons Alan Campbell said on behalf of the government.

An anonymous reader shares a report: India's telecoms ministry has privately asked all smartphone makers to preload all new devices with a state-owned cyber security app, a government order showed, a move set to spark a tussle with Apple, which typically dislikes such directives.

[...] The November 28 order, seen by Reuters, gives major smartphone companies 90 days to ensure that the government's Sanchar Saathi app is pre-installed on new mobile phones, with a provision that users cannot disable it. [...] In the order, the government said the app was essential to combat "serious endangerment" of telecom cyber security from duplicate or spoofed IMEI numbers, which enable scams and network misuse.

Two former U.S. congressmen announced this week that they're launching two tax-exempt fundraising groups "to back candidates who support AI safeguards," reports The Hill, "as a counterweight to industry-backed groups." Former Representatives Chris Stewart (Republican-Utah) and Brad Carson (Democrat-Oklahoma) plan to create separate Republican and Democratic super PACs and raise $50 million to elect candidates "committed to defending the public interest against those who aim to buy their way out of sensible AI regulation," according to a press release...

The pair is also launching a nonprofit called Public First to advocate for AI policy. Carson underscored that polling "shows significant public concern about AI and overwhelming voter support for guardrails that protect people from harm and mitigate major risks." Their efforts are meant to counter "anti-safeguard super PACs" that they argue are attempting to "kill commonsense guardrails around AI," the press release noted...

The super PAC is reportedly targeting a Democratic congressional candidate, New York state Assemblymember Alex Bores, who co-sponsored AI legislation in the Albany statehouse.
"This isn't a partisan issue — it's about whether we'll have meaningful oversight of the most powerful technology ever created," Chris Stewart says in their press release.

"We've seen what happens when government fails to act on other emerging technologies. With AI, the stakes are enormous, and we can't afford to make the same missteps."

27 million people live in Australia. But there's a big change coming if you're under 16, reports CNN: From December 10, sites that meet the Australian government's definition of an "age-restricted social media platform" will need to show that they're doing enough to eject or block children under 16 or face fines of up to 49.5 million Australian dollars ($32 million). The list includes Snapchat, Facebook, Instagram, Kick, Reddit, Threads, TikTok, Twitch, X, and YouTube...

Meta says it'll start deactivating accounts and blocking new Facebook, Instagram and Threads accounts from December 4. Under-16s are being encouraged to download their content. Snap says users can deactivate their accounts for up to three years, or until they turn 16...

There's another sting in the ban, too, coming at the end of the Australian school year before the summer break in the southern hemisphere. For eight weeks, there'll be no school, no teachers — and no scrolling. For millions of children, it could be the first school break they spend in years without the company of time-killing social media algorithms, or an easy way to contact their friends. Even for parents who support the ban, it could be a very long summer.
"There's every chance that bans will spread..." the article argues. "Other countries around the world are taking notes as Australia explores new territory that some say mirrors safety evolutions of years past — the dawning realization that maybe cars need safety belts, and that perhaps cigarettes should come with some kind of health warning." And according to the Associated Press, Malaysia "has also announced plans to ban social media accounts for children under 16 starting in 2026."

But CNN reports few teenagers in Australia knew about its impending ban on social media, judging by a show of hands at one high school auditorium. Teenagers in the audience had two questions.

• "Can you get your account back when you turn 16?"
• "What if I lie about my age?"

"By my count, Linux has over 11% of the desktop market," writes ZDNet's Steven Vaughan-Nichols: In StatCounter's latest US numbers, which cover through October, Linux shows up as only 3.49%. But if you look closer, "unknown" accounts for 4.21%. Allow me to make an educated guess here: I suspect those unknown desktops are actually running Linux. What else could it be? FreeBSD? Unix? OS/2? Unlikely. In addition, ChromeOS comes in at 3.67%, which strikes me as much too low. Leaving that aside, ChromeOS is a Linux variant. It just uses the Chrome web browser for its interface rather than KDE Plasma, Cinnamon, or another Linux desktop environment. Put all these together, and you get a Linux desktop market share of 11.37%...

If you want to look at the broader world of end-user operating systems, including phones and tablets, Linux comes out even better. In the US, where we love our Apple iPhones, Android — yes, another Linux distro — boasts 41.71% of the market share, according to StatCounter's latest numbers. Globally, however, Android rules with 72.55% of the market. Yes, that's right, if you widen the Linux end-user operating system metric to include PC, tablets, and smartphones, you can make a reasonable argument that Linux, and not Windows, is already the top dog operating system...

If you add Chrome OS (1.7%) and Android (15.8%), 23.3% of all people accessing the U.S. government's websites are Linux users. The Linux kernel's user-facing footprint is much larger than the "desktop Linux" label suggests.
The article lists reasons more people might be switching to Linux, including broader hardware support and "the increased viability of gaming via Steam and Proton" — but also the rise of Digital Sovereignty initiatives. (One EU group has even created EU OS.")

And finally, "not everyone is thrilled with Windows 11 being turned into an AI-agentic operating system."

The investigation into the June 12 Air India crash that killed 260 people has been marked by tension, suspicion and poor communication between American and Indian officials, including an episode where NTSB chairwoman Jennifer Homendy instructed her black-box specialists not to board a late-night Indian military flight to a remote facility, WSJ reports.

When two American recorder experts landed in New Delhi in late June, they received urgent messages from colleagues telling them not to go with the Indians; Homendy had grown concerned about sending U.S. personnel and equipment to an aerospace lab in the remote town of Korwa amid State Department security warnings about terrorism in the region. She made calls to Transportation Secretary Sean Duffy and the CEOs of Boeing and GE Aerospace, and the State Department sent embassy officials to intercept the NTSB specialists at the airport.

Homendy eventually delivered an ultimatum: if Indian authorities didn't choose between their Delhi facility and the NTSB's Washington lab within 48 hours, she would withdraw American support from the probe. Indian officials relented. The downloaded data showed someone in the cockpit moved switches that cut off the engines' fuel supply, and India's preliminary report stated one pilot asked the other why he moved the switches while that pilot denied doing so. American government and industry officials now privately believe the captain likely moved the switches deliberately.

The bitter standoff between Dutch chipmaker Nexperia -- which supplies basic chips crucial to 49% of European automakers, over 85% of medical device companies, and the entire defense industry -- and its Chinese parent company Wingtech escalated on Friday when both Wingtech and Nexperia's Chinese unit accused the Dutch business of secretly building a supply chain that would cut China out entirely. The accusations came one day after Nexperia's Dutch headquarters published an open letter claiming it had repeatedly tried and failed to contact its Chinese unit.

Nexperia China demanded the Dutch side halt its overseas expansion plans, specifically a $300 million investment in a Malaysian plant, and alleged an internal company target to source 90% of production outside China by mid-2026. The Chinese unit also accused its European counterparts of deleting employee email accounts and cutting off access to IT systems. The dispute traces back to September when the Dutch government invoked a Cold War-era law to seize control of Nexperia on economic security grounds.

An Amsterdam court subsequently stripped Wingtech of its ownership rights. Beijing retaliated by halting exports of finished Nexperia chips on October 4, triggering warnings of production shutdowns from automakers including Nissan and Bosch. Export curbs were relaxed in early November, and the Dutch government suspended its intervention last week following talks, but the court ruling remains in force. Wingtech warned that supply disruptions could return if the control issue remains unresolved.

Australia warned it's in danger of missing its 2035 climate targets without deeper pollution cuts, which in turn threatens the nation's ambitions to reach net zero by mid-century. From a report: Emissions are set to fall 48% by 2035 from 2005 levels based on current projections [non-paywalled source], the government said in a report on Thursday. That's short of an official pledge to cut greenhouse gases between 62% and 70%. The forecast doesn't take into account new action planned under the nation's Net Zero Plan. Still, the targets remain achievable and officials plan to take additional measures to meet them, Minister for Climate Change and Energy Chris Bowen said in a speech to parliament.

Australia's streaming quotas have become law. Legislation requiring the likes of Netflix, Disney+ and HBO Max to spend a portion of their local earnings on original Australian content has been passed in parliament, and now comes into effect. From a report: The quotas were announced earlier this month. This will see global streamers with more than one million Australian subscribers made to spend 10% of their total Australian expenditure -- or 7.5% of their revenues -- on local originals, whether they are dramas, children's shows, docs, or arts and educational programs.

Failing to comply with the rules will see streamers fined up to ten times their annual revenues in Australia. This is more than what broadcasters are liable for if they breach their quota rules laws. Streamers will be given three years to get their production operations in line.

Streamers have long opposed government-set quotas and content levies, arguing they already meaningfully invest in the production sectors of the countries in which they operate. Producers, in general, have welcomed the systems, but remain wary that they could push streaming services out of their countries.